package com.lh.center.common.web.advice;

import cn.hutool.crypto.SecureUtil;
import cn.hutool.crypto.digest.MD5;
import cn.hutool.crypto.symmetric.AES;
import com.lh.center.common.annotations.SystemLog;
import com.lh.center.common.base.session.SessionUser;
import com.lh.center.common.constant.GlobalConstant;
import com.lh.center.common.util.AssertUtil;
import com.lh.center.common.web.session.SessionOperation;
import org.apache.commons.lang3.StringUtils;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.CollectionUtils;
import org.springframework.util.PathMatcher;

import javax.servlet.http.HttpServletRequest;
import java.lang.reflect.Method;
import java.util.HashSet;
import java.util.Set;

public class DefaultBeforeRequestAdvice implements BeforeRequestAdvice{

    @Override
    public void beforeAuth(HttpServletRequest request) {

    }

    @Override
    public void afterAuth(HttpServletRequest request) {
        //处理接口权限
        SessionUser user = SessionOperation.getUser();
        Set<String> apiPathSet = user.getApiPaths();
        if (!CollectionUtils.isEmpty(apiPathSet)) {
            Set<String> pressUri = new HashSet<>();
            pressUri.add("api/merchant/press/pressPage");
            pressUri.add("api/merchant/press/change");
            pressUri.add("api/merchant/press/pressReach");
            pressUri.add("api/merchant/press/selectReach");
            pressUri.add("api/merchant/press/getUnreadNum");
            pressUri.add("api/merchant/press/readAll");
            pressUri.add("api/merchant/press/pagePress");
            apiPathSet.addAll(pressUri);
        }

        if(!CollectionUtils.isEmpty(apiPathSet)){
            String requestURI = request.getRequestURI();
            PathMatcher matcher = new AntPathMatcher();
            boolean match = apiPathSet.stream().anyMatch(path -> matcher.match(path, requestURI));
            AssertUtil.isTrue(!match,"暂无接口访问权限");
        }
        //处理接口权限以及限制的策略
        String checkSign = request.getHeader(GlobalConstant.IS_CHECK_HEADER_SIGN);
        if(StringUtils.isBlank(checkSign) || !"TRUE".equals(checkSign.toUpperCase())){
            return ;
        }
        String timestamp = request.getHeader("timestamp");
        String noticeStr = request.getHeader("noticeStr");
        String sign = request.getHeader("sign");
        String secret = SessionOperation.getUser().getSecret();
        // 将 timestamp的值+noticeStr的值合并，再使用secret进行AES处理，最后转MD5并大写
        AES aes = SecureUtil.aes(secret.getBytes());
        String s = aes.encryptBase64(timestamp + noticeStr.substring(16,32));
        String md5 = MD5.create().digestHex(s).toUpperCase();
        AssertUtil.isTrue(md5.equals(sign),"非法请求");
    }

    @Override
    public void beforeCompletion(HttpServletRequest request, Method method) {
        SystemLog log = method.getDeclaredAnnotation(SystemLog.class);
        /*if(log == null){
            return ;
        }
        //什么人
        Long userId = SessionOperation.getUser().getUserId();
        String userName = SessionOperation.getUser().getUserName();
        //做了什么事情
        String value = log.value();
        SystemLogType type = log.type();
        String typeRemark = type.remark;
        //怎么做的
        Object param = SessionOperation.requestParams.get();
        //结果是什么
        Object response = SessionOperation.responseParams.get();
        //保存起来
*/
    }
}
